fenglin/manage/unban_user.php

<?php
        if (isset($_SERVER["argv"]))
        {
                chdir(dirname($_SERVER["argv"][0]));
        }

        require_once "../lib/common.inc.php";
        require_once "../lib/lml.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "../lib/db_open.inc.php";

        if (!isset($_SERVER["argc"]))
        {
                require_once "../bbs/session_init.inc.php";

                force_login();

                if (!(isset($_SESSION["BBS_priv"]) && $_SESSION["BBS_priv"]->checklevel(P_ADMIN_M | P_ADMIN_S)))
                {
                        echo ("没有权限！");
                        exit();
                }
        }

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                "data" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Begin transaction
        $rs = mysqli_query($db_conn, "SET autocommit=0");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $rs = mysqli_query($db_conn, "BEGIN");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Check system user
        $sql = "SELECT username, nickname FROM user_list
                        INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
                        WHERE user_list.UID = $BBS_sys_uid";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if ($row = mysqli_fetch_array($rs))
        {
                $sys_user = $row["username"];
                $sys_nick = $row["nickname"];
        }
        else
        {
                $result_set["return"]["code"] = -1;
                $result_set["return"]["message"] = "系统账户不存在";

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        mysqli_free_result($rs);

        // Check expired ban record
        $sql = "SELECT BID, ban_user_list.UID, ban_user_list.SID, username, title FROM ban_user_list
                        LEFT JOIN user_list ON ban_user_list.UID = user_list.UID
                        LEFT JOIN section_config ON ban_user_list.SID = section_config.SID
                        WHERE ban_user_list.enable AND unban_dt <= NOW() AND ban_user_list.UID <> ban_uid";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query ban record error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        while ($row = mysqli_fetch_array($rs))
        {
                switch ($row["SID"])
                {
                        case 0:
                                $p_name = "发帖权限";
                                break;
                        case -1:
                                $p_name = "登陆权限";
                                break;
                        case -2:
                                $p_name = "消息权限";
                                break;
                        default:
                                $p_name = "发帖权限";
                                break;
                }

                $sql = "UPDATE ban_user_list SET enable = 0, unban_UID = $BBS_sys_uid,
                                unban_dt = NOW(), unban_ip = '127.0.0.1' WHERE BID = " . $row["BID"];

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update ban record error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Prepare announcement
                $title = ($row["SID"] > 0 ? "" : "[全站]") . "恢复“" . $row["username"] . "”" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name;
                $content = "已恢复用户“" . $row["username"] . "”" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
                        "。\n执行人: " . $sys_user . "\n";

                // Set user privilege
                $priv_name = "";
                switch ($row["SID"])
                {
                        case 0:
                                $priv_name = "p_post";
                                break;
                        case -1:
                                $priv_name = "p_login";
                                break;
                        case -2:
                                $priv_name = "p_msg";
                                break;
                }

                if ($priv_name != "")
                {
                        $sql = "UPDATE user_list SET $priv_name = 1 WHERE UID = " . $row["UID"];

                        $ret = mysqli_query($db_conn, $sql);
                        if ($ret == false)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Update user privilege error: " . mysqli_error($db_conn);

                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }
                }

                $sql = "UPDATE user_online SET current_action = 'reload' WHERE UID = " . $row["UID"];

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update user online error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Calculate length of content
                $length = str_length(LML($content, false, false, 1024));

                // Post announcement
                $title = mysqli_real_escape_string($db_conn, $title);
                $content = mysqli_real_escape_string($db_conn, $content);

                $sql = "INSERT INTO bbs_content(AID, content) VALUES(0, '$content')";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
                $cid = mysqli_insert_id($db_conn);

                $sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, sub_dt,
                                sub_ip, last_reply_dt, icon, length, excerption)
                                VALUES($BBS_notice_sid, 0, $BBS_sys_uid, '$sys_user', '$sys_nick', '$title',
                                $cid, NOW(), '127.0.0.1', NOW(), 11, $length, 0)";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Add article error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
                $aid = mysqli_insert_id($db_conn);

                $sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update content error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                // Prepare message
                $msg_content = "您" .
                        ($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
                        "已被恢复。[align right]执行人：[user " . $BBS_sys_uid . "]" .
                        $sys_user . "[/user][/align]";

                // Send message
                $msg_content = mysqli_real_escape_string($db_conn, $msg_content);

                $sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip)
                                VALUES($BBS_sys_uid, " . $row["UID"] . ", '$msg_content', NOW(), '127.0.0.1')";

                $ret = mysqli_query($db_conn, $sql);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Insert msg error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                array_push($result_set["return"]["data"], array(
                        "bid" => $row["BID"],
                        "uid" => $row["UID"],
                        "sid" => $row["SID"],
                ));
        }

        mysqli_free_result($rs);

        // Commit transaction
        $rs = mysqli_query($db_conn, "COMMIT");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_close($db_conn);
        exit(json_encode($result_set));
1	sysadm	1.2	<?php
2	sysadm	1.3	if (isset($_SERVER["argv"]))
3	sysadm	1.1	{
4	sysadm	1.3	chdir(dirname($_SERVER["argv"][0]));
5	sysadm	1.1	}
6
7			require_once "../lib/common.inc.php";
8			require_once "../lib/lml.inc.php";
9			require_once "../lib/str_process.inc.php";
10			require_once "../lib/db_open.inc.php";
11
12			if (!isset($_SERVER["argc"]))
13			{
14			require_once "../bbs/session_init.inc.php";
15
16			force_login();
17	sysadm	1.5
18			if (!(isset($_SESSION["BBS_priv"]) && $_SESSION["BBS_priv"]->checklevel(P_ADMIN_M \| P_ADMIN_S)))
19			{
20			echo ("没有权限！");
21			exit();
22			}
23	sysadm	1.1	}
24
25			$result_set = array(
26			"return" => array(
27			"code" => 0,
28			"message" => "",
29			"errorFields" => array(),
30			"data" => array(),
31			)
32			);
33
34			header("Content-Type:application/json; charset=utf-8");
35
36			// Begin transaction
37			$rs = mysqli_query($db_conn, "SET autocommit=0");
38			if ($rs == false)
39			{
40			$result_set["return"]["code"] = -2;
41			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
42
43			mysqli_close($db_conn);
44			exit(json_encode($result_set));
45			}
46	sysadm	1.4
47	sysadm	1.1	$rs = mysqli_query($db_conn, "BEGIN");
48			if ($rs == false)
49			{
50			$result_set["return"]["code"] = -2;
51			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
52
53			mysqli_close($db_conn);
54			exit(json_encode($result_set));
55			}
56
57			// Check system user
58			$sql = "SELECT username, nickname FROM user_list
59			INNER JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID
60			WHERE user_list.UID = $BBS_sys_uid";
61
62			$rs = mysqli_query($db_conn, $sql);
63			if ($rs == false)
64			{
65			$result_set["return"]["code"] = -2;
66			$result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);
67
68			mysqli_close($db_conn);
69			exit(json_encode($result_set));
70			}
71
72			if ($row = mysqli_fetch_array($rs))
73			{
74			$sys_user = $row["username"];
75			$sys_nick = $row["nickname"];
76			}
77			else
78			{
79			$result_set["return"]["code"] = -1;
80			$result_set["return"]["message"] = "系统账户不存在";
81
82			mysqli_close($db_conn);
83			exit(json_encode($result_set));
84			}
85			mysqli_free_result($rs);
86
87			// Check expired ban record
88	sysadm	1.4	$sql = "SELECT BID, ban_user_list.UID, ban_user_list.SID, username, title FROM ban_user_list
89	sysadm	1.1	LEFT JOIN user_list ON ban_user_list.UID = user_list.UID
90			LEFT JOIN section_config ON ban_user_list.SID = section_config.SID
91	sysadm	1.7	WHERE ban_user_list.enable AND unban_dt <= NOW() AND ban_user_list.UID <> ban_uid";
92	sysadm	1.1
93			$rs = mysqli_query($db_conn, $sql);
94			if ($rs == false)
95			{
96			$result_set["return"]["code"] = -2;
97			$result_set["return"]["message"] = "Query ban record error: " . mysqli_error($db_conn);
98
99			mysqli_close($db_conn);
100			exit(json_encode($result_set));
101			}
102
103			while ($row = mysqli_fetch_array($rs))
104			{
105			switch ($row["SID"])
106			{
107			case 0:
108			$p_name = "发帖权限";
109			break;
110			case -1:
111			$p_name = "登陆权限";
112			break;
113			case -2:
114			$p_name = "消息权限";
115			break;
116			default:
117			$p_name = "发帖权限";
118			break;
119			}
120
121			$sql = "UPDATE ban_user_list SET enable = 0, unban_UID = $BBS_sys_uid,
122			unban_dt = NOW(), unban_ip = '127.0.0.1' WHERE BID = " . $row["BID"];
123
124			$ret = mysqli_query($db_conn, $sql);
125			if ($ret == false)
126			{
127			$result_set["return"]["code"] = -2;
128			$result_set["return"]["message"] = "Update ban record error: " . mysqli_error($db_conn);
129
130			mysqli_close($db_conn);
131			exit(json_encode($result_set));
132			}
133
134			// Prepare announcement
135			$title = ($row["SID"] > 0 ? "" : "[全站]") . "恢复“" . $row["username"] . "”" .
136			($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name;
137			$content = "已恢复用户“" . $row["username"] . "”" .
138			($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
139			"。\n执行人: " . $sys_user . "\n";
140
141			// Set user privilege
142			$priv_name = "";
143			switch ($row["SID"])
144			{
145			case 0:
146			$priv_name = "p_post";
147			break;
148			case -1:
149			$priv_name = "p_login";
150			break;
151			case -2:
152			$priv_name = "p_msg";
153			break;
154			}
155
156			if ($priv_name != "")
157			{
158			$sql = "UPDATE user_list SET $priv_name = 1 WHERE UID = " . $row["UID"];
159
160			$ret = mysqli_query($db_conn, $sql);
161			if ($ret == false)
162			{
163			$result_set["return"]["code"] = -2;
164			$result_set["return"]["message"] = "Update user privilege error: " . mysqli_error($db_conn);
165	sysadm	1.4
166	sysadm	1.1	mysqli_close($db_conn);
167			exit(json_encode($result_set));
168			}
169			}
170
171			$sql = "UPDATE user_online SET current_action = 'reload' WHERE UID = " . $row["UID"];
172
173			$ret = mysqli_query($db_conn, $sql);
174			if ($ret == false)
175			{
176			$result_set["return"]["code"] = -2;
177			$result_set["return"]["message"] = "Update user online error: " . mysqli_error($db_conn);
178
179			mysqli_close($db_conn);
180			exit(json_encode($result_set));
181			}
182
183			// Calculate length of content
184			$length = str_length(LML($content, false, false, 1024));
185
186			// Post announcement
187			$title = mysqli_real_escape_string($db_conn, $title);
188			$content = mysqli_real_escape_string($db_conn, $content);
189
190			$sql = "INSERT INTO bbs_content(AID, content) VALUES(0, '$content')";
191
192			$ret = mysqli_query($db_conn, $sql);
193			if ($ret == false)
194			{
195			$result_set["return"]["code"] = -2;
196			$result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);
197
198			mysqli_close($db_conn);
199			exit(json_encode($result_set));
200			}
201			$cid = mysqli_insert_id($db_conn);
202
203			$sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, sub_dt,
204			sub_ip, last_reply_dt, icon, length, excerption)
205			VALUES($BBS_notice_sid, 0, $BBS_sys_uid, '$sys_user', '$sys_nick', '$title',
206			$cid, NOW(), '127.0.0.1', NOW(), 11, $length, 0)";
207
208			$ret = mysqli_query($db_conn, $sql);
209			if ($ret == false)
210			{
211			$result_set["return"]["code"] = -2;
212			$result_set["return"]["message"] = "Add article error: " . mysqli_error($db_conn);
213
214			mysqli_close($db_conn);
215			exit(json_encode($result_set));
216			}
217			$aid = mysqli_insert_id($db_conn);
218
219			$sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid";
220
221			$ret = mysqli_query($db_conn, $sql);
222			if ($ret == false)
223			{
224			$result_set["return"]["code"] = -2;
225			$result_set["return"]["message"] = "Update content error: " . mysqli_error($db_conn);
226
227			mysqli_close($db_conn);
228			exit(json_encode($result_set));
229			}
230
231			// Prepare message
232	sysadm	1.8	$msg_content = "您" .
233	sysadm	1.1	($row["SID"] > 0 ? "在“" . $row["title"] . "”版块的" : "全站") . $p_name .
234			"已被恢复。[align right]执行人：[user " . $BBS_sys_uid . "]" .
235			$sys_user . "[/user][/align]";
236
237			// Send message
238			$msg_content = mysqli_real_escape_string($db_conn, $msg_content);
239
240			$sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip)
241			VALUES($BBS_sys_uid, " . $row["UID"] . ", '$msg_content', NOW(), '127.0.0.1')";
242
243			$ret = mysqli_query($db_conn, $sql);
244			if ($ret == false)
245			{
246			$result_set["return"]["code"] = -2;
247			$result_set["return"]["message"] = "Insert msg error: " . mysqli_error($db_conn);
248
249			mysqli_close($db_conn);
250			exit(json_encode($result_set));
251			}
252
253			array_push($result_set["return"]["data"], array(
254			"bid" => $row["BID"],
255			"uid" => $row["UID"],
256			"sid" => $row["SID"],
257			));
258			}
259
260			mysqli_free_result($rs);
261
262			// Commit transaction
263			$rs = mysqli_query($db_conn, "COMMIT");
264			if ($rs == false)
265			{
266			$result_set["return"]["code"] = -2;
267			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
268
269			mysqli_close($db_conn);
270			exit(json_encode($result_set));
271			}
272
273			mysqli_close($db_conn);
274			exit(json_encode($result_set));
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1